Move some PKI stuff from LocalStore to Store

John Ericson 2020-12-20 16:05:09 +00:00
parent 29bd63e990
commit 57062179ce
4 changed files with 22 additions and 21 deletions


@ -1092,15 +1092,6 @@ void LocalStore::invalidatePath(State & state, const StorePath & path)
} }
const PublicKeys & LocalStore::getPublicKeys()
{
auto state(_state.lock());
if (!state->publicKeys)
state->publicKeys = std::make_unique<PublicKeys>(getDefaultPublicKeys());
return *state->publicKeys;
}
void LocalStore::addToStore(const ValidPathInfo & info, Source & source, void LocalStore::addToStore(const ValidPathInfo & info, Source & source,
RepairFlag repair, CheckSigsFlag checkSigs) RepairFlag repair, CheckSigsFlag checkSigs)
{ {


@ -35,10 +35,6 @@ struct LocalStoreConfig : virtual LocalFSStoreConfig
{ {
using LocalFSStoreConfig::LocalFSStoreConfig; using LocalFSStoreConfig::LocalFSStoreConfig;
Setting<bool> requireSigs{(StoreConfig*) this,
settings.requireSigs,
"require-sigs", "whether store paths should have a trusted signature on import"};
const std::string name() override { return "Local Store"; } const std::string name() override { return "Local Store"; }
}; };
@ -75,8 +71,6 @@ private:
minFree but not much below availAfterGC, then there is no minFree but not much below availAfterGC, then there is no
point in starting a new GC. */ point in starting a new GC. */
uint64_t availAfterGC = std::numeric_limits<uint64_t>::max(); uint64_t availAfterGC = std::numeric_limits<uint64_t>::max();
std::unique_ptr<PublicKeys> publicKeys;
}; };
Sync<State> _state; Sync<State> _state;
@ -94,12 +88,6 @@ public:
const Path tempRootsDir; const Path tempRootsDir;
const Path fnTempRoots; const Path fnTempRoots;
private:
const PublicKeys & getPublicKeys();
public:
// Hack for build-remote.cc. // Hack for build-remote.cc.
PathSet locksHeld; PathSet locksHeld;


@ -282,4 +282,13 @@ StorePaths Store::topoSortPaths(const StorePathSet & paths)
} }
const PublicKeys & Store::getPublicKeys()
{
auto cryptoState(_cryptoState.lock());
if (!cryptoState->publicKeys)
cryptoState->publicKeys = std::make_unique<PublicKeys>(getDefaultPublicKeys());
return *cryptoState->publicKeys;
}
} }
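Review bot: Store::getPublicKeys() hands out a reference to the cached key set after the `_cryptoState` lock has been released, and nothing documents why that is safe. It holds only as long as `publicKeys` is assigned once and never reset or replaced. The same caching means an existing Store will not see later changes to whatever getDefaultPublicKeys() reads, which matters if callers use this set to decide whether a signature is trusted. Now that the method sits on the base class and is reachable from every store type, I would put a comment above the definition such as `/* Lazily initialised from getDefaultPublicKeys() on first use and never replaced afterwards, so the returned reference stays valid for the lifetime of the Store. */`.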


@ -189,6 +189,10 @@ struct StoreConfig : public Config
const Setting<bool> isTrusted{this, false, "trusted", "whether paths from this store can be used as substitutes even when they lack trusted signatures"}; const Setting<bool> isTrusted{this, false, "trusted", "whether paths from this store can be used as substitutes even when they lack trusted signatures"};
Setting<bool> requireSigs{this,
settings.requireSigs,
"require-sigs", "whether store paths should have a trusted signature on import"};
Setting<int> priority{this, 0, "priority", "priority of this substituter (lower value means higher priority)"}; Setting<int> priority{this, 0, "priority", "priority of this substituter (lower value means higher priority)"};
Setting<bool> wantMassQuery{this, false, "want-mass-query", "whether this substituter can be queried efficiently for path validity"}; Setting<bool> wantMassQuery{this, false, "want-mass-query", "whether this substituter can be queried efficiently for path validity"};
@ -710,11 +714,20 @@ public:
return toRealPath(printStorePath(storePath)); return toRealPath(printStorePath(storePath));
} }
const PublicKeys & getPublicKeys();
virtual void createUser(const std::string & userName, uid_t userId) virtual void createUser(const std::string & userName, uid_t userId)
{ } { }
protected: protected:
struct CryptoState
{
std::unique_ptr<PublicKeys> publicKeys;
};
Sync<CryptoState> _cryptoState;
Stats stats; Stats stats;
/* Unsupported methods. */ /* Unsupported methods. */
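Review bot: `requireSigs` on StoreConfig means every store type now accepts `require-sigs`, but nothing in this commit makes any Store implementation other than the local one consult it. An operator who sets `require-sigs=true` on a non-local store could therefore assume unsigned paths are rejected there when, as far as this diff shows, they may not be. Either have the import path of each store honour the setting, or narrow the description so it does not over-promise, for example `"whether store paths should have a trusted signature on import (only honoured by stores that verify signatures when adding paths)"`. The newly public `getPublicKeys()` declaration in the second hunk would also benefit from a one-line comment stating which key set it returns.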